MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.6	CVE-2026-1765	Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and potential information disclosure via crafted mp3 files_CVE-2026-1765 A flaw was found in the `tracker-extract-mp3` component of GNOME localsearch (previously known as tracker-miners). This vulnerability, a heap buffe...	Red Hat	Red Hat Enterprise Linux 10	Jun 16, 2026	CVE
MEDIUM 5.6	CVE-2026-1764	Localsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leads to denial of service or information disclosure when parsing mp3 files_CVE-2026-1764 A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor. When processing specially crafted MP3 files containing ID...	Red Hat	Red Hat Enterprise Linux 10	Jun 16, 2026	CVE
MEDIUM 5.4	MS:CVE-2026-11666	Chromium: CVE-2026-11665 Out of bounds read in Dawn_MS:CVE-2026-11666 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 16, 2026	MSCVE
MEDIUM 5.3	MS:CVE-2026-11669	Chromium: CVE-2026-11668 Uninitialized Use in Codecs_MS:CVE-2026-11669 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 16, 2026	MSCVE
MEDIUM 4.3	MS:CVE-2026-11685	Chromium: CVE-2026-11684 Insufficient policy enforcement in Network_MS:CVE-2026-11685 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 16, 2026	MSCVE
MEDIUM 4.3	MS:CVE-2026-11686	Chromium: CVE-2026-11685 Insufficient data validation in MediaCapture_MS:CVE-2026-11686 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 16, 2026	MSCVE
MEDIUM 5.3	MS:CVE-2026-11696	Chromium: CVE-2026-11695 Inappropriate implementation in Passwords_MS:CVE-2026-11696 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 16, 2026	MSCVE
MEDIUM 6.1	CVE-2026-48157	Slim has Reflected XSS in the HtmlErrorRenderer_CVE-2026-48157 Slim is a PHP micro framework that enables users to write simple web applications and APIs. In versions 4.4.0 through 4.15, if an application uses ...	slimphp	Slim >= 4.4.0, < 4.15.2	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-9260	CVE-2026-9260_CVE-2026-9260 Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier	Canon Inc.	EOS Network Setting Tool for Windows 1.5.0 or earlier	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-49875	Apache CXF: XML External Entity (XXE) Injection in W3CMultiSchemaFactory and EndpointReferenceUtils_CVE-2026-49875 Apache CXF's EndpointReferenceUtils and W3CMultiSchemaFactory classes construct a SAXParserFactory without the necessary JAXP hardening configurati...	Apache Software Foundation	Apache CXF 4.2.0	Jun 12, 2026	CVE